package org.keycloak.broker.saml;

import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.UriUtils;
import org.keycloak.dom.saml.v2.protocol.AuthnContextComparisonType;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.saml.SamlPrincipalType;
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
import org.keycloak.saml.common.util.XmlKeyInfoKeyNameTransformer;
import org.keycloak.utils.StringUtil;

/* loaded from: input_file:org/keycloak/broker/saml/SAMLIdentityProviderConfig.class */
public class SAMLIdentityProviderConfig extends IdentityProviderModel {
    public static final XmlKeyInfoKeyNameTransformer DEFAULT_XML_KEY_INFO_KEY_NAME_TRANSFORMER = XmlKeyInfoKeyNameTransformer.NONE;
    public static final String ENTITY_ID = "entityId";
    public static final String IDP_ENTITY_ID = "idpEntityId";
    public static final String ADD_EXTENSIONS_ELEMENT_WITH_KEY_INFO = "addExtensionsElementWithKeyInfo";
    public static final String BACKCHANNEL_SUPPORTED = "backchannelSupported";
    public static final String ENCRYPTION_PUBLIC_KEY = "encryptionPublicKey";
    public static final String FORCE_AUTHN = "forceAuthn";
    public static final String NAME_ID_POLICY_FORMAT = "nameIDPolicyFormat";
    public static final String POST_BINDING_AUTHN_REQUEST = "postBindingAuthnRequest";
    public static final String POST_BINDING_LOGOUT = "postBindingLogout";
    public static final String POST_BINDING_RESPONSE = "postBindingResponse";
    public static final String ARTIFACT_BINDING_RESPONSE = "artifactBindingResponse";
    public static final String SIGNATURE_ALGORITHM = "signatureAlgorithm";
    public static final String ENCRYPTION_ALGORITHM = "encryptionAlgorithm";
    public static final String SIGNING_CERTIFICATE_KEY = "signingCertificate";
    public static final String SINGLE_LOGOUT_SERVICE_URL = "singleLogoutServiceUrl";
    public static final String SINGLE_SIGN_ON_SERVICE_URL = "singleSignOnServiceUrl";
    public static final String ARTIFACT_RESOLUTION_SERVICE_URL = "artifactResolutionServiceUrl";
    public static final String VALIDATE_SIGNATURE = "validateSignature";
    public static final String PRINCIPAL_TYPE = "principalType";
    public static final String PRINCIPAL_ATTRIBUTE = "principalAttribute";
    public static final String WANT_ASSERTIONS_ENCRYPTED = "wantAssertionsEncrypted";
    public static final String WANT_ASSERTIONS_SIGNED = "wantAssertionsSigned";
    public static final String WANT_AUTHN_REQUESTS_SIGNED = "wantAuthnRequestsSigned";
    public static final String XML_SIG_KEY_INFO_KEY_NAME_TRANSFORMER = "xmlSigKeyInfoKeyNameTransformer";
    public static final String ENABLED_FROM_METADATA = "enabledFromMetadata";
    public static final String AUTHN_CONTEXT_COMPARISON_TYPE = "authnContextComparisonType";
    public static final String AUTHN_CONTEXT_CLASS_REFS = "authnContextClassRefs";
    public static final String AUTHN_CONTEXT_DECL_REFS = "authnContextDeclRefs";
    public static final String SIGN_SP_METADATA = "signSpMetadata";
    public static final String ALLOW_CREATE = "allowCreate";
    public static final String ATTRIBUTE_CONSUMING_SERVICE_INDEX = "attributeConsumingServiceIndex";
    public static final String ATTRIBUTE_CONSUMING_SERVICE_NAME = "attributeConsumingServiceName";
    public static final String USE_METADATA_DESCRIPTOR_URL = "useMetadataDescriptorUrl";

    public SAMLIdentityProviderConfig() {
    }

    public SAMLIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        super(identityProviderModel);
    }

    public String getEntityId() {
        return (String) getConfig().get(ENTITY_ID);
    }

    public void setEntityId(String str) {
        getConfig().put(ENTITY_ID, str);
    }

    public String getIdpEntityId() {
        return (String) getConfig().get(IDP_ENTITY_ID);
    }

    public void setIdpEntityId(String str) {
        getConfig().put(IDP_ENTITY_ID, str);
    }

    public String getSingleSignOnServiceUrl() {
        return (String) getConfig().get(SINGLE_SIGN_ON_SERVICE_URL);
    }

    public void setSingleSignOnServiceUrl(String str) {
        getConfig().put(SINGLE_SIGN_ON_SERVICE_URL, str);
    }

    public String getArtifactResolutionServiceUrl() {
        return (String) getConfig().get(ARTIFACT_RESOLUTION_SERVICE_URL);
    }

    public void setArtifactResolutionServiceUrl(String str) {
        getConfig().put(ARTIFACT_RESOLUTION_SERVICE_URL, str);
    }

    public String getSingleLogoutServiceUrl() {
        return (String) getConfig().get(SINGLE_LOGOUT_SERVICE_URL);
    }

    public void setSingleLogoutServiceUrl(String str) {
        getConfig().put(SINGLE_LOGOUT_SERVICE_URL, str);
    }

    public boolean isValidateSignature() {
        return Boolean.valueOf((String) getConfig().get("validateSignature")).booleanValue();
    }

    public void setValidateSignature(boolean z) {
        getConfig().put("validateSignature", String.valueOf(z));
    }

    public boolean isForceAuthn() {
        return Boolean.valueOf((String) getConfig().get(FORCE_AUTHN)).booleanValue();
    }

    public void setForceAuthn(boolean z) {
        getConfig().put(FORCE_AUTHN, String.valueOf(z));
    }

    public String getSigningCertificate() {
        return (String) getConfig().get(SIGNING_CERTIFICATE_KEY);
    }

    public void setSigningCertificate(String str) {
        getConfig().put(SIGNING_CERTIFICATE_KEY, str);
    }

    public void addSigningCertificate(String str) {
        String str2 = (String) getConfig().get(SIGNING_CERTIFICATE_KEY);
        if (str2 == null || str2.isEmpty()) {
            getConfig().put(SIGNING_CERTIFICATE_KEY, str);
        } else {
            getConfig().put(SIGNING_CERTIFICATE_KEY, str2 + "," + str);
        }
    }

    public String[] getSigningCertificates() {
        String str = (String) getConfig().get(SIGNING_CERTIFICATE_KEY);
        return (str == null || str.isEmpty()) ? new String[0] : str.split(",");
    }

    public String getNameIDPolicyFormat() {
        return (String) getConfig().get(NAME_ID_POLICY_FORMAT);
    }

    public void setNameIDPolicyFormat(String str) {
        getConfig().put(NAME_ID_POLICY_FORMAT, str);
    }

    public boolean isWantAuthnRequestsSigned() {
        return Boolean.valueOf((String) getConfig().get(WANT_AUTHN_REQUESTS_SIGNED)).booleanValue();
    }

    public void setWantAuthnRequestsSigned(boolean z) {
        getConfig().put(WANT_AUTHN_REQUESTS_SIGNED, String.valueOf(z));
    }

    public boolean isWantAssertionsSigned() {
        return Boolean.valueOf((String) getConfig().get(WANT_ASSERTIONS_SIGNED)).booleanValue();
    }

    public void setWantAssertionsSigned(boolean z) {
        getConfig().put(WANT_ASSERTIONS_SIGNED, String.valueOf(z));
    }

    public boolean isWantAssertionsEncrypted() {
        return Boolean.valueOf((String) getConfig().get(WANT_ASSERTIONS_ENCRYPTED)).booleanValue();
    }

    public void setWantAssertionsEncrypted(boolean z) {
        getConfig().put(WANT_ASSERTIONS_ENCRYPTED, String.valueOf(z));
    }

    public boolean isAddExtensionsElementWithKeyInfo() {
        return Boolean.valueOf((String) getConfig().get(ADD_EXTENSIONS_ELEMENT_WITH_KEY_INFO)).booleanValue();
    }

    public void setAddExtensionsElementWithKeyInfo(boolean z) {
        getConfig().put(ADD_EXTENSIONS_ELEMENT_WITH_KEY_INFO, String.valueOf(z));
    }

    public String getSignatureAlgorithm() {
        return (String) getConfig().get(SIGNATURE_ALGORITHM);
    }

    public void setSignatureAlgorithm(String str) {
        getConfig().put(SIGNATURE_ALGORITHM, str);
    }

    public String getEncryptionAlgorithm() {
        return (String) getConfig().get(ENCRYPTION_ALGORITHM);
    }

    public void setEncryptionAlgorithm(String str) {
        getConfig().put(ENCRYPTION_ALGORITHM, str);
    }

    public String getEncryptionPublicKey() {
        return (String) getConfig().get(ENCRYPTION_PUBLIC_KEY);
    }

    public void setEncryptionPublicKey(String str) {
        getConfig().put(ENCRYPTION_PUBLIC_KEY, str);
    }

    public boolean isPostBindingAuthnRequest() {
        return Boolean.valueOf((String) getConfig().get(POST_BINDING_AUTHN_REQUEST)).booleanValue();
    }

    public void setPostBindingAuthnRequest(boolean z) {
        getConfig().put(POST_BINDING_AUTHN_REQUEST, String.valueOf(z));
    }

    public boolean isPostBindingResponse() {
        return Boolean.valueOf((String) getConfig().get(POST_BINDING_RESPONSE)).booleanValue();
    }

    public void setPostBindingResponse(boolean z) {
        getConfig().put(POST_BINDING_RESPONSE, String.valueOf(z));
    }

    public boolean isPostBindingLogout() {
        String str = (String) getConfig().get(POST_BINDING_LOGOUT);
        return str == null ? isPostBindingResponse() : Boolean.valueOf(str).booleanValue();
    }

    public void setPostBindingLogout(boolean z) {
        getConfig().put(POST_BINDING_LOGOUT, String.valueOf(z));
    }

    public boolean isBackchannelSupported() {
        return Boolean.valueOf((String) getConfig().get(BACKCHANNEL_SUPPORTED)).booleanValue();
    }

    public void setBackchannelSupported(boolean z) {
        getConfig().put(BACKCHANNEL_SUPPORTED, String.valueOf(z));
    }

    public boolean isArtifactBindingResponse() {
        return Boolean.valueOf((String) getConfig().get(ARTIFACT_BINDING_RESPONSE)).booleanValue();
    }

    public void setArtifactBindingResponse(boolean z) {
        getConfig().put(ARTIFACT_BINDING_RESPONSE, String.valueOf(z));
    }

    public XmlKeyInfoKeyNameTransformer getXmlSigKeyInfoKeyNameTransformer() {
        return XmlKeyInfoKeyNameTransformer.from((String) getConfig().get(XML_SIG_KEY_INFO_KEY_NAME_TRANSFORMER), DEFAULT_XML_KEY_INFO_KEY_NAME_TRANSFORMER);
    }

    public void setXmlSigKeyInfoKeyNameTransformer(XmlKeyInfoKeyNameTransformer xmlKeyInfoKeyNameTransformer) {
        getConfig().put(XML_SIG_KEY_INFO_KEY_NAME_TRANSFORMER, xmlKeyInfoKeyNameTransformer == null ? null : xmlKeyInfoKeyNameTransformer.name());
    }

    public int getAllowedClockSkew() {
        int i = 0;
        String str = (String) getConfig().get("allowedClockSkew");
        if (str != null && !str.isEmpty()) {
            try {
                i = Integer.parseInt(str);
                if (i < 0) {
                    i = 0;
                }
            } catch (NumberFormatException e) {
            }
        }
        return i;
    }

    public void setAllowedClockSkew(int i) {
        if (i < 0) {
            getConfig().remove("allowedClockSkew");
        } else {
            getConfig().put("allowedClockSkew", String.valueOf(i));
        }
    }

    public SamlPrincipalType getPrincipalType() {
        return SamlPrincipalType.from((String) getConfig().get(PRINCIPAL_TYPE), SamlPrincipalType.SUBJECT);
    }

    public void setPrincipalType(SamlPrincipalType samlPrincipalType) {
        getConfig().put(PRINCIPAL_TYPE, samlPrincipalType == null ? null : samlPrincipalType.name());
    }

    public String getPrincipalAttribute() {
        return (String) getConfig().get(PRINCIPAL_ATTRIBUTE);
    }

    public void setPrincipalAttribute(String str) {
        getConfig().put(PRINCIPAL_ATTRIBUTE, str);
    }

    public boolean isEnabledFromMetadata() {
        return Boolean.valueOf((String) getConfig().get(ENABLED_FROM_METADATA)).booleanValue();
    }

    public void setEnabledFromMetadata(boolean z) {
        getConfig().put(ENABLED_FROM_METADATA, String.valueOf(z));
    }

    public AuthnContextComparisonType getAuthnContextComparisonType() {
        return AuthnContextComparisonType.fromValue((String) getConfig().getOrDefault(AUTHN_CONTEXT_COMPARISON_TYPE, AuthnContextComparisonType.EXACT.value()));
    }

    public void setAuthnContextComparisonType(AuthnContextComparisonType authnContextComparisonType) {
        getConfig().put(AUTHN_CONTEXT_COMPARISON_TYPE, authnContextComparisonType.value());
    }

    public String getAuthnContextClassRefs() {
        return (String) getConfig().get(AUTHN_CONTEXT_CLASS_REFS);
    }

    public void setAuthnContextClassRefs(String str) {
        getConfig().put(AUTHN_CONTEXT_CLASS_REFS, str);
    }

    public String getAuthnContextDeclRefs() {
        return (String) getConfig().get(AUTHN_CONTEXT_DECL_REFS);
    }

    public void setAuthnContextDeclRefs(String str) {
        getConfig().put(AUTHN_CONTEXT_DECL_REFS, str);
    }

    public boolean isSignSpMetadata() {
        return Boolean.valueOf((String) getConfig().get(SIGN_SP_METADATA)).booleanValue();
    }

    public void setSignSpMetadata(boolean z) {
        getConfig().put(SIGN_SP_METADATA, String.valueOf(z));
    }

    public boolean isAllowCreate() {
        return Boolean.valueOf((String) getConfig().get(ALLOW_CREATE)).booleanValue();
    }

    public void setAllowCreated(boolean z) {
        getConfig().put(ALLOW_CREATE, String.valueOf(z));
    }

    public Integer getAttributeConsumingServiceIndex() {
        Integer num = null;
        String str = (String) getConfig().get(ATTRIBUTE_CONSUMING_SERVICE_INDEX);
        if (str != null && !str.isEmpty()) {
            try {
                num = Integer.valueOf(Integer.parseInt(str));
                if (num.intValue() < 0) {
                    num = null;
                }
            } catch (NumberFormatException e) {
            }
        }
        return num;
    }

    public void setAttributeConsumingServiceIndex(Integer num) {
        if (num == null || num.intValue() < 0) {
            getConfig().remove(ATTRIBUTE_CONSUMING_SERVICE_INDEX);
        } else {
            getConfig().put(ATTRIBUTE_CONSUMING_SERVICE_INDEX, String.valueOf(num));
        }
    }

    public void setAttributeConsumingServiceName(String str) {
        getConfig().put(ATTRIBUTE_CONSUMING_SERVICE_NAME, str);
    }

    public String getAttributeConsumingServiceName() {
        return (String) getConfig().get(ATTRIBUTE_CONSUMING_SERVICE_NAME);
    }

    public void setUseMetadataDescriptorUrl(Boolean bool) {
        if (bool == null || !bool.booleanValue()) {
            getConfig().remove(USE_METADATA_DESCRIPTOR_URL);
        } else {
            getConfig().put(USE_METADATA_DESCRIPTOR_URL, Boolean.TRUE.toString());
        }
    }

    public boolean isUseMetadataDescriptorUrl() {
        return Boolean.parseBoolean((String) getConfig().get(USE_METADATA_DESCRIPTOR_URL));
    }

    public void validate(RealmModel realmModel) {
        SslRequired sslRequired = realmModel.getSslRequired();
        UriUtils.checkUrl(sslRequired, getSingleLogoutServiceUrl(), SINGLE_LOGOUT_SERVICE_URL);
        UriUtils.checkUrl(sslRequired, getSingleSignOnServiceUrl(), SINGLE_SIGN_ON_SERVICE_URL);
        if (StringUtil.isNotBlank(getMetadataDescriptorUrl())) {
            UriUtils.checkUrl(sslRequired, getMetadataDescriptorUrl(), "metadataDescriptorUrl");
        }
        if (isUseMetadataDescriptorUrl() && StringUtil.isBlank(getMetadataDescriptorUrl())) {
            throw new IllegalArgumentException("useMetadataDescriptorUrl needs a non-empty URL for metadataDescriptorUrl");
        }
        if (StringUtil.isNotBlank(getArtifactResolutionServiceUrl())) {
            UriUtils.checkUrl(sslRequired, getArtifactResolutionServiceUrl(), ARTIFACT_RESOLUTION_SERVICE_URL);
        }
        if (JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get().equals(getNameIDPolicyFormat()) && SamlPrincipalType.SUBJECT == getPrincipalType()) {
            throw new IllegalArgumentException("Can not have Transient NameID Policy Format together with SUBJECT Principal Type");
        }
    }
}
